Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 3 potential issues.
There are 4 total unresolved issues (including 1 from previous review).
Autofix Details
Bugbot Autofix prepared fixes for all 3 issues found in the latest run.
- ✅ Fixed: Infinite re-fetch loop from unstable
admindependency- Changed useEffect dependency from unstable admin object to stable admin.fetchAll function reference.
- ✅ Fixed: Missing
datafield ingetUsernamereturn type- Added missing data: null field to catch block return statement to match ApiResponse contract.
- ✅ Fixed:
handleRefreshhas unstableadmindependency causing re-creation- Changed useCallback dependency from unstable admin object to stable admin.fetchAll function reference.
Or push these changes by commenting:
@cursor push 244ffd938b
Preview (244ffd938b)
diff --git a/app/src/api/dataSource/clientApiDataSource.ts b/app/src/api/dataSource/clientApiDataSource.ts
--- a/app/src/api/dataSource/clientApiDataSource.ts
+++ b/app/src/api/dataSource/clientApiDataSource.ts
@@ -1514,6 +1514,7 @@
errorMessage = error;
}
return {
+ data: null,
error: {
code: 500,
message: errorMessage,
diff --git a/app/src/components/admin/AdminPanel.tsx b/app/src/components/admin/AdminPanel.tsx
--- a/app/src/components/admin/AdminPanel.tsx
+++ b/app/src/components/admin/AdminPanel.tsx
@@ -170,11 +170,11 @@
if (isOpen && groupId) {
admin.fetchAll(groupId);
}
- }, [admin, groupId, isOpen]);
+ }, [admin.fetchAll, groupId, isOpen]);
const handleRefresh = useCallback(() => {
if (groupId) admin.fetchAll(groupId);
- }, [groupId, admin]);
+ }, [groupId, admin.fetchAll]);
if (!groupId || permissions.loading || !permissions.isAdmin) {
return null;This Bugbot Autofix run was free. To enable autofix for future PRs, go to the Cursor dashboard.
| const [actionLoading, setActionLoading] = useState(false); | ||
| const [error, setError] = useState<string | null>(null); | ||
|
|
||
| const api = new GroupApiDataSource(); |
There was a problem hiding this comment.
New GroupApiDataSource created every render in hook
Low Severity
const api = new GroupApiDataSource() is called in the hook's function body, creating a new instance on every render. The useCallback functions that reference api all have empty dependency arrays, so they close over the first instance and ignore subsequent ones. The newly created objects are immediately discarded. Moving this to a module-level constant or useRef avoids the unnecessary allocations.
Move app entry to a workspace-first flow that resolves the node's group identity before entering chat, and finish channel joins by carrying users into profile completion or chat based on their joined context state. Made-with: Cursor
Use one global messenger name across the app, keep workspace invitation entry available from the welcome screen, and align group channel visibility/admin access with the current workspace settings and permissions. Made-with: Cursor
Make workspace administration easier by replacing raw capability bitmasks with permission toggles and by letting authenticated users switch workspaces without redoing node auth. This also improves zero-channel workspace UX with clearer empty states and focused test coverage. Made-with: Cursor
Carry richer group context metadata through the app so channel and DM flows can use shared context information instead of raw IDs alone. This also improves DM creation and discovery across the workspace and preserves the accompanying test coverage. Made-with: Cursor
Expose group and member aliases through the frontend data layer so workspace, DM, and member-management surfaces show friendly names without replacing identity-based behavior. Add focused coverage for workspace alias rendering and DM/member alias fallbacks. Made-with: Cursor
Resolve the current workspace member when a workspace is selected so the login name field reflects that member's alias, and persist the typed name back as the member alias before entering chat. Made-with: Cursor
Implement support for group aliases throughout the application, allowing users to create and join groups with associated aliases. Update the invitation handling to serialize and parse group invitations with aliases, ensuring that aliases are stored and retrieved correctly. This includes updates to the API data source, UI components, and tests to ensure proper functionality and coverage. Made-with: Cursor
frdomovic
force-pushed
the
feat/integrate-context-management
branch
from
6a548aa to
3d7b388
Compare
| (.data // .) | | ||
| if type == "array" then .[0].groupId | ||
| elif type == "object" then (.groups[0].groupId // .items[0].groupId) | ||
| else empty end' 2>/dev/null || echo "") |
There was a problem hiding this comment.
CI group discovery queries wrong endpoint and field
High Severity
The CI bootstrap script queries /admin-api/groups and extracts groupId from the response, but the actual node API list endpoint is /admin-api/namespaces and returns entries with a namespaceId field. The frontend's listGroups() in groupApiDataSource.ts confirms this by calling /admin-api/namespaces as the primary endpoint, and rpc-admin.spec.ts tests explicitly state "The node exposes namespaces under /namespaces (not /groups)." The integration-setup.yml workflow also uses create_namespace and outputs namespaceId. As a result, GROUP_ID is always empty, E2E_GROUP_ID is blank in .env.integration, integrationEnvAvailable() returns false, and every integration test silently skips — despite the expensive WASM build, node startup, and Playwright browser installation.
Reviewed by Cursor Bugbot for commit 3d7b388. Configure here.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
There are 5 total unresolved issues (including 3 from previous reviews).
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit a01e328. Configure here.
| if (!envAvailable()) { | ||
| test.skip(); | ||
| } | ||
| } |
There was a problem hiding this comment.
Admin tests skip unnecessarily due to strict env check
Low Severity
requireEnv() calls envAvailable() which requires memberKey, but none of the admin REST API tests actually need memberKey — the only reference on line 158 is already guarded with if (env.memberKey && ...). When E2E_MEMBER_KEY is absent but all other env vars are present, the entire admin test suite silently skips. A less strict check (like integrationEnvAvailable() from node-client.ts, which omits memberKey) would match the actual requirements.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit a01e328. Configure here.
| const skipReasons = [ | ||
| process.env.SKIP_DEV_SERVER && "SKIP_DEV_SERVER", | ||
| process.env.INTEGRATION_MODE && "INTEGRATION_MODE", | ||
| ].filter(Boolean); |
There was a problem hiding this comment.
Global setup ignores LIVE_AUTH despite comment requiring it
Medium Severity
The comment on line 74 states "Only attempt auth when LIVE_AUTH=1 is explicitly set," and the Makefile passes LIVE_AUTH=1 for the live project, but process.env.LIVE_AUTH is never read in the skipReasons array or anywhere else. When a stale .env.integration exists with E2E_NODE_URL set but an expired token, running mocked tests (which don't need auth) causes global-setup to fall through to the browser auth flow, which fails against a non-running node and blocks the entire test suite.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit a01e328. Configure here.
2 participants
[mero-chat] Integrate context group management across app logic and frontend
Description
Migrates mero-chat from its legacy single-context-with-channels architecture to the group-based context management model, where each channel and DM is its own context within a group. This is the full adoption of the context group management feature implemented in core (
feat/context-management-proposal).Motivation: The previous architecture used one shared context for all channels and a separate context per DM with a bespoke state machine. The new model aligns with core's group primitives — visibility, allowlists, capabilities, cascade removal, and upgrade propagation — giving admins proper control over workspace membership and per-channel access.
What changed :
logic/src/lib.rs; each context now holds only messages, reactions, and per-context metadata (get_info,set_profile,get_profiles). The schema is single-context: one context = one channel or one DM.groupApiDataSource.tswith full coverage of the admin-api group surface (create/get/list/delete group, invite, join, members, contexts, visibility, allowlist, capabilities, default settings, upgrade trigger/status). AddeduseGroup,useGroupContexts,useGroupMembershooks andgroupIdsession/URL config.createGroup→ first context in group →createInvitation. Joining usesjoinGroup→syncGroup→listGroupContexts→joinGroupContext.InvitationHandlerPopupdetects group vs legacy invitations.CreateWorkspacePopupadded.useGroupContexts+ per-contextget_info(). Create channel =createGroupContext(with optional restricted visibility). Switch channel = switchcontextId+ context identity.SearchChannelsContainerupdated for browse-and-join flow.setContextVisibility("restricted")+addToAllowlist([self, other]). DM list filtered from group contexts bycontext_type === "Dm". RemoveddmSetupState.tsand legacy DM invitation flow entirely.HandleDMSetup,HandleInvitation,InvitationPending,JoinContext,SyncWaiting,dmSetupState.ts, and legacy session helpers. SimplifieduseChatHandlersandChatContainer.Dependencies: Requires core built from
feat/context-management-proposalwith group endpoints available at/admin-api/groups/*.Test plan
merodnodes (node-a, node-b) with the context-groups contract deployed and core built fromfeat/context-management-proposal.joinGroup→syncGroup→ auto-join #general succeeds and messages can be sent/received.npx tsc --noEmitpasses with zero errors.E2E test candidates: group join via invite, create channel, join channel, send message, create DM, join DM, send message, admin remove member (verify access revoked).
Documentation update
Note
Medium Risk
Adds new CI workflows that spin up real nodes and run extensive Playwright/RPC test suites, which can introduce flakiness and longer CI times. Also changes dependency/automation config (Dependabot, Makefiles) that affects developer and CI tooling paths.
Overview
Expands automated testing and CI for the frontend and full stack. Adds a new
Frontend CIGitHub Action to typecheck, lint, run unit tests (Vitest), and run Playwright E2E tests forapp/**changes.Introduces full-stack integration CI. Adds an
Integration Tests (Full Stack)workflow that buildscurb.wasm, boots two real nodes viamerobox, generatesapp/.env.integrationwith JWTs/IDs, and runs Playwrightintegrationtests; workflow tests are also updated to installmeroboxviapipand to rune2e.yml+integration-setup.yml.Adds a Playwright-based test harness and developer tooling. Introduces
app/playwright.config.ts,e2e/global-setup.ts, new mocked/live/integration/rpc/rpc-admin specs and helpers, plus Makefile targets and npm scripts for running suites locally; updates.gitignoreto exclude token/auth artifacts and tweaks ESLint ignores to includedev-dist.Reviewed by Cursor Bugbot for commit a01e328. Bugbot is set up for automated code reviews on this repo. Configure here.